Of the nine patches released this month, the most critical security update patch helps prevent denial of service attacks on Internet Information Services.

Microsoft Corp. released nine security updates on patch Tuesday that touch almost every Microsoft product in the enterprise, from servers to client systems, giving IT administrators plenty to worry about.

"This is one of the most widespread patch months Microsoft has ever done. The patches run the gamut and touch everything in the enterprise except for Internet Explorer," said Eric Schultze, CTO of St. Paul, Minn.-based patch management and security software company Shavlik Technologies LLC.

Schultze laid out the patches that IT administrators should put on the top of their priority list and said one of the most critical is the Internet Information Services (IIS7) Web server patch (MS09-036). It addresses a flaw that lets attackers send packets to your Web server that cause it to stop functioning (denial of service). IIS7 websites are safe if they are running in "classic" mode, but those running in integrated (non-classic) mode are vulnerable. The patch for this IIS7 issue is really a patch for .Net Framework versions 2 and 3, Schultze said.

Another critical patch that should be installed immediately is MS09-039, affecting WINS Servers. "Almost every Microsoft customer has a WINS server, so this is probably the most critical patch," Schultze said.

He said MS09-039 is a critical issue for WINS server part of the network infrastructure because without it, "attackers can point to the server with no permissions whatsoever and do whatever they want," he said. "They could create their own admin account without any permissions and execute code."

Microsoft also patched five different ActiveX controls, following one ActiveX fix last month and an out of band patchout-of-band patch the company issued a couple of weeks ago. This month's patches fix a related but different issue, where "evil websites could run code on your computer," Schultze said.

"If you think your users might visit any websites when they are bored, it's a good idea to issue the patch right away," he said.

And some other patches that should be high on IT administrators' priority list this month are MS09-040 and -041 addressing privilege escalation attacks. These flaws let anyone with user-level access to systems like print servers, file servers and domain controllers point packets to those systems and execute code, or read files with sensitive information, like payroll, Schultze said.

"This one really bothers me because it breaks down internal security controls," he said. "Patch this one while patching your WINS servers to keep idle internal miscreants from owning your machines."

Information on the other patches can be found on Microsoft's Security Bulletin website.

Start the conversation

0 comments

Register

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.